./Ultimate.py --spec ../sv-benchmarks/c/properties/unreach-call.prp --file ../sv-benchmarks/c/product-lines/minepump_spec5_product61.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 791161d1 Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/config -Xmx15G -Xms4m -jar /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data -tc /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/AutomizerReach.xml -i ../sv-benchmarks/c/product-lines/minepump_spec5_product61.cil.c -s /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 12ff1c3352fe657a44d5503b0c0550124efd9c84e66a259e2d68c9ba31095791 --- Real Ultimate output --- This is Ultimate 0.2.2-?-791161d [2022-07-22 17:40:17,040 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-07-22 17:40:17,042 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-07-22 17:40:17,068 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-07-22 17:40:17,069 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-07-22 17:40:17,069 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-07-22 17:40:17,071 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-07-22 17:40:17,072 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-07-22 17:40:17,074 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-07-22 17:40:17,074 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-07-22 17:40:17,075 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-07-22 17:40:17,076 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-07-22 17:40:17,076 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-07-22 17:40:17,077 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-07-22 17:40:17,078 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-07-22 17:40:17,079 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-07-22 17:40:17,080 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-07-22 17:40:17,081 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-07-22 17:40:17,082 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-07-22 17:40:17,084 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-07-22 17:40:17,085 INFO L181 SettingsManager]: Resetting HornVerifier preferences to default values [2022-07-22 17:40:17,086 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-07-22 17:40:17,087 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-07-22 17:40:17,088 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-07-22 17:40:17,089 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-07-22 17:40:17,091 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-07-22 17:40:17,092 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-07-22 17:40:17,092 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-07-22 17:40:17,093 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-07-22 17:40:17,093 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-07-22 17:40:17,094 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-07-22 17:40:17,094 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-07-22 17:40:17,095 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-07-22 17:40:17,096 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-07-22 17:40:17,096 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-07-22 17:40:17,097 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-07-22 17:40:17,097 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-07-22 17:40:17,098 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-07-22 17:40:17,098 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-07-22 17:40:17,099 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-07-22 17:40:17,100 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-07-22 17:40:17,100 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-07-22 17:40:17,101 INFO L101 SettingsManager]: Beginning loading settings from /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-07-22 17:40:17,123 INFO L113 SettingsManager]: Loading preferences was successful [2022-07-22 17:40:17,123 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-07-22 17:40:17,124 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-07-22 17:40:17,124 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-07-22 17:40:17,125 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-07-22 17:40:17,125 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-07-22 17:40:17,125 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-07-22 17:40:17,126 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-07-22 17:40:17,126 INFO L138 SettingsManager]: * Use SBE=true [2022-07-22 17:40:17,126 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-07-22 17:40:17,126 INFO L138 SettingsManager]: * sizeof long=4 [2022-07-22 17:40:17,126 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-07-22 17:40:17,127 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-07-22 17:40:17,127 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-07-22 17:40:17,127 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-07-22 17:40:17,127 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-07-22 17:40:17,127 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-07-22 17:40:17,128 INFO L138 SettingsManager]: * sizeof long double=12 [2022-07-22 17:40:17,128 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-07-22 17:40:17,128 INFO L138 SettingsManager]: * Use constant arrays=true [2022-07-22 17:40:17,128 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-07-22 17:40:17,128 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-07-22 17:40:17,129 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-07-22 17:40:17,129 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-07-22 17:40:17,129 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-22 17:40:17,129 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-07-22 17:40:17,129 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-07-22 17:40:17,130 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-07-22 17:40:17,130 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-07-22 17:40:17,130 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-07-22 17:40:17,130 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-07-22 17:40:17,130 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-07-22 17:40:17,130 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-07-22 17:40:17,131 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 12ff1c3352fe657a44d5503b0c0550124efd9c84e66a259e2d68c9ba31095791 [2022-07-22 17:40:17,344 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-07-22 17:40:17,371 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-07-22 17:40:17,374 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-07-22 17:40:17,375 INFO L271 PluginConnector]: Initializing CDTParser... [2022-07-22 17:40:17,375 INFO L275 PluginConnector]: CDTParser initialized [2022-07-22 17:40:17,376 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/../sv-benchmarks/c/product-lines/minepump_spec5_product61.cil.c [2022-07-22 17:40:17,447 INFO L220 CDTParser]: Created temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/87461490d/54136cbd86964cd09a2a7f50761a0fcd/FLAG6f25aba93 [2022-07-22 17:40:17,861 INFO L306 CDTParser]: Found 1 translation units. [2022-07-22 17:40:17,861 INFO L160 CDTParser]: Scanning /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product61.cil.c [2022-07-22 17:40:17,878 INFO L349 CDTParser]: About to delete temporary CDT project at /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/87461490d/54136cbd86964cd09a2a7f50761a0fcd/FLAG6f25aba93 [2022-07-22 17:40:17,889 INFO L357 CDTParser]: Successfully deleted /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/data/87461490d/54136cbd86964cd09a2a7f50761a0fcd [2022-07-22 17:40:17,891 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-07-22 17:40:17,892 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-07-22 17:40:17,900 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-07-22 17:40:17,900 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-07-22 17:40:17,903 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-07-22 17:40:17,903 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.07 05:40:17" (1/1) ... [2022-07-22 17:40:17,904 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@644d0be8 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:17, skipping insertion in model container [2022-07-22 17:40:17,904 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 22.07 05:40:17" (1/1) ... [2022-07-22 17:40:17,910 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-07-22 17:40:17,948 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-07-22 17:40:18,174 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product61.cil.c[18376,18389] [2022-07-22 17:40:18,191 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-22 17:40:18,203 INFO L203 MainTranslator]: Completed pre-run [2022-07-22 17:40:18,306 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /storage/repos/ultimate/releaseScripts/default/sv-benchmarks/c/product-lines/minepump_spec5_product61.cil.c[18376,18389] [2022-07-22 17:40:18,315 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-07-22 17:40:18,330 INFO L208 MainTranslator]: Completed translation [2022-07-22 17:40:18,337 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:18 WrapperNode [2022-07-22 17:40:18,337 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-07-22 17:40:18,338 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-07-22 17:40:18,338 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-07-22 17:40:18,338 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-07-22 17:40:18,344 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:18" (1/1) ... [2022-07-22 17:40:18,357 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:18" (1/1) ... [2022-07-22 17:40:18,394 INFO L137 Inliner]: procedures = 59, calls = 163, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 294 [2022-07-22 17:40:18,395 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-07-22 17:40:18,395 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-07-22 17:40:18,396 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-07-22 17:40:18,396 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-07-22 17:40:18,403 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:18" (1/1) ... [2022-07-22 17:40:18,403 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:18" (1/1) ... [2022-07-22 17:40:18,406 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:18" (1/1) ... [2022-07-22 17:40:18,406 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:18" (1/1) ... [2022-07-22 17:40:18,412 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:18" (1/1) ... [2022-07-22 17:40:18,416 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:18" (1/1) ... [2022-07-22 17:40:18,418 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:18" (1/1) ... [2022-07-22 17:40:18,420 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-07-22 17:40:18,421 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-07-22 17:40:18,421 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-07-22 17:40:18,421 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-07-22 17:40:18,441 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:18" (1/1) ... [2022-07-22 17:40:18,447 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-07-22 17:40:18,457 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-22 17:40:18,476 INFO L229 MonitoredProcess]: Starting monitored process 1 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-07-22 17:40:18,498 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-07-22 17:40:18,511 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-07-22 17:40:18,512 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-07-22 17:40:18,512 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-07-22 17:40:18,512 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-07-22 17:40:18,512 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-07-22 17:40:18,512 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-07-22 17:40:18,512 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-07-22 17:40:18,512 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-07-22 17:40:18,512 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-07-22 17:40:18,513 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-07-22 17:40:18,513 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-07-22 17:40:18,513 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2022-07-22 17:40:18,513 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2022-07-22 17:40:18,513 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-07-22 17:40:18,513 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-07-22 17:40:18,513 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2022-07-22 17:40:18,514 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2022-07-22 17:40:18,514 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-07-22 17:40:18,514 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-07-22 17:40:18,514 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-07-22 17:40:18,514 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-07-22 17:40:18,515 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-07-22 17:40:18,515 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-07-22 17:40:18,515 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-07-22 17:40:18,599 INFO L234 CfgBuilder]: Building ICFG [2022-07-22 17:40:18,601 INFO L260 CfgBuilder]: Building CFG for each procedure with an implementation [2022-07-22 17:40:18,879 INFO L275 CfgBuilder]: Performing block encoding [2022-07-22 17:40:18,885 INFO L294 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-07-22 17:40:18,885 INFO L299 CfgBuilder]: Removed 2 assume(true) statements. [2022-07-22 17:40:18,887 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:40:18 BoogieIcfgContainer [2022-07-22 17:40:18,887 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-07-22 17:40:18,888 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-07-22 17:40:18,888 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-07-22 17:40:18,891 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-07-22 17:40:18,891 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 22.07 05:40:17" (1/3) ... [2022-07-22 17:40:18,892 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@43e09b7d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.07 05:40:18, skipping insertion in model container [2022-07-22 17:40:18,892 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 22.07 05:40:18" (2/3) ... [2022-07-22 17:40:18,892 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@43e09b7d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 22.07 05:40:18, skipping insertion in model container [2022-07-22 17:40:18,892 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:40:18" (3/3) ... [2022-07-22 17:40:18,893 INFO L111 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product61.cil.c [2022-07-22 17:40:18,905 INFO L201 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-07-22 17:40:18,905 INFO L160 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-07-22 17:40:18,965 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-07-22 17:40:18,971 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@3d979a9, mLbeIndependenceSettings=de.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings@67f6e286 [2022-07-22 17:40:18,971 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-07-22 17:40:18,974 INFO L276 IsEmpty]: Start isEmpty. Operand has 113 states, 83 states have (on average 1.3614457831325302) internal successors, (113), 93 states have internal predecessors, (113), 18 states have call successors, (18), 10 states have call predecessors, (18), 10 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2022-07-22 17:40:18,987 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-07-22 17:40:18,987 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:18,988 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:18,988 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:18,992 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:18,992 INFO L85 PathProgramCache]: Analyzing trace with hash -1729313638, now seen corresponding path program 1 times [2022-07-22 17:40:18,999 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:18,999 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [494341879] [2022-07-22 17:40:18,999 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:19,000 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:19,092 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:19,193 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-07-22 17:40:19,195 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:19,198 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-07-22 17:40:19,199 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:19,229 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:40:19,230 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:19,230 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [494341879] [2022-07-22 17:40:19,231 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [494341879] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:40:19,231 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:40:19,231 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-07-22 17:40:19,232 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1533289043] [2022-07-22 17:40:19,233 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:40:19,236 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-07-22 17:40:19,236 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:19,267 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-07-22 17:40:19,269 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-22 17:40:19,271 INFO L87 Difference]: Start difference. First operand has 113 states, 83 states have (on average 1.3614457831325302) internal successors, (113), 93 states have internal predecessors, (113), 18 states have call successors, (18), 10 states have call predecessors, (18), 10 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-22 17:40:19,301 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:19,301 INFO L93 Difference]: Finished difference Result 217 states and 292 transitions. [2022-07-22 17:40:19,302 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-07-22 17:40:19,303 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-07-22 17:40:19,303 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:19,311 INFO L225 Difference]: With dead ends: 217 [2022-07-22 17:40:19,311 INFO L226 Difference]: Without dead ends: 104 [2022-07-22 17:40:19,315 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-07-22 17:40:19,320 INFO L413 NwaCegarLoop]: 143 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 143 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:19,320 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 143 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:40:19,337 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 104 states. [2022-07-22 17:40:19,363 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 104 to 104. [2022-07-22 17:40:19,364 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 104 states, 76 states have (on average 1.3026315789473684) internal successors, (99), 85 states have internal predecessors, (99), 18 states have call successors, (18), 10 states have call predecessors, (18), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2022-07-22 17:40:19,367 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 104 states to 104 states and 134 transitions. [2022-07-22 17:40:19,368 INFO L78 Accepts]: Start accepts. Automaton has 104 states and 134 transitions. Word has length 32 [2022-07-22 17:40:19,368 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:19,369 INFO L495 AbstractCegarLoop]: Abstraction has 104 states and 134 transitions. [2022-07-22 17:40:19,369 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-22 17:40:19,369 INFO L276 IsEmpty]: Start isEmpty. Operand 104 states and 134 transitions. [2022-07-22 17:40:19,371 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-07-22 17:40:19,371 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:19,371 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:19,372 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-07-22 17:40:19,372 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:19,372 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:19,372 INFO L85 PathProgramCache]: Analyzing trace with hash 79270819, now seen corresponding path program 1 times [2022-07-22 17:40:19,372 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:19,372 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2114009844] [2022-07-22 17:40:19,373 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:19,373 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:19,417 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:19,485 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-07-22 17:40:19,496 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:19,502 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-07-22 17:40:19,503 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:19,504 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:40:19,505 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:19,505 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2114009844] [2022-07-22 17:40:19,505 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2114009844] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:40:19,505 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:40:19,505 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-07-22 17:40:19,506 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [839400140] [2022-07-22 17:40:19,506 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:40:19,507 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-07-22 17:40:19,507 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:19,511 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-07-22 17:40:19,511 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:40:19,512 INFO L87 Difference]: Start difference. First operand 104 states and 134 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-22 17:40:19,532 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:19,532 INFO L93 Difference]: Finished difference Result 173 states and 223 transitions. [2022-07-22 17:40:19,532 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-07-22 17:40:19,533 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-07-22 17:40:19,533 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:19,534 INFO L225 Difference]: With dead ends: 173 [2022-07-22 17:40:19,534 INFO L226 Difference]: Without dead ends: 95 [2022-07-22 17:40:19,538 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-07-22 17:40:19,543 INFO L413 NwaCegarLoop]: 121 mSDtfsCounter, 12 mSDsluCounter, 105 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 226 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:19,543 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 226 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-07-22 17:40:19,544 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 95 states. [2022-07-22 17:40:19,553 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 95 to 95. [2022-07-22 17:40:19,554 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 95 states, 70 states have (on average 1.3142857142857143) internal successors, (92), 79 states have internal predecessors, (92), 15 states have call successors, (15), 9 states have call predecessors, (15), 9 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2022-07-22 17:40:19,555 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 95 states to 95 states and 122 transitions. [2022-07-22 17:40:19,555 INFO L78 Accepts]: Start accepts. Automaton has 95 states and 122 transitions. Word has length 33 [2022-07-22 17:40:19,555 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:19,555 INFO L495 AbstractCegarLoop]: Abstraction has 95 states and 122 transitions. [2022-07-22 17:40:19,556 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-07-22 17:40:19,556 INFO L276 IsEmpty]: Start isEmpty. Operand 95 states and 122 transitions. [2022-07-22 17:40:19,557 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-07-22 17:40:19,557 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:19,557 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:19,557 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-07-22 17:40:19,557 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:19,558 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:19,558 INFO L85 PathProgramCache]: Analyzing trace with hash 1908446694, now seen corresponding path program 1 times [2022-07-22 17:40:19,558 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:19,558 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [228592384] [2022-07-22 17:40:19,558 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:19,559 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:19,602 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:19,664 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-07-22 17:40:19,666 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:19,668 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2022-07-22 17:40:19,669 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:19,670 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:40:19,671 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:19,671 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [228592384] [2022-07-22 17:40:19,677 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [228592384] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:40:19,677 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:40:19,677 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-07-22 17:40:19,678 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [406428294] [2022-07-22 17:40:19,678 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:40:19,678 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-22 17:40:19,678 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:19,679 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-22 17:40:19,679 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-07-22 17:40:19,679 INFO L87 Difference]: Start difference. First operand 95 states and 122 transitions. Second operand has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-22 17:40:19,857 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:19,858 INFO L93 Difference]: Finished difference Result 182 states and 237 transitions. [2022-07-22 17:40:19,858 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-07-22 17:40:19,858 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 37 [2022-07-22 17:40:19,859 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:19,860 INFO L225 Difference]: With dead ends: 182 [2022-07-22 17:40:19,860 INFO L226 Difference]: Without dead ends: 95 [2022-07-22 17:40:19,861 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-07-22 17:40:19,862 INFO L413 NwaCegarLoop]: 115 mSDtfsCounter, 150 mSDsluCounter, 142 mSDsCounter, 0 mSdLazyCounter, 65 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 150 SdHoareTripleChecker+Valid, 257 SdHoareTripleChecker+Invalid, 75 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 65 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:19,863 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [150 Valid, 257 Invalid, 75 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 65 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:40:19,864 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 95 states. [2022-07-22 17:40:19,872 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 95 to 95. [2022-07-22 17:40:19,872 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 95 states, 70 states have (on average 1.3) internal successors, (91), 79 states have internal predecessors, (91), 15 states have call successors, (15), 9 states have call predecessors, (15), 9 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2022-07-22 17:40:19,873 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 95 states to 95 states and 121 transitions. [2022-07-22 17:40:19,873 INFO L78 Accepts]: Start accepts. Automaton has 95 states and 121 transitions. Word has length 37 [2022-07-22 17:40:19,874 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:19,875 INFO L495 AbstractCegarLoop]: Abstraction has 95 states and 121 transitions. [2022-07-22 17:40:19,875 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.0) internal successors, (30), 6 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-07-22 17:40:19,875 INFO L276 IsEmpty]: Start isEmpty. Operand 95 states and 121 transitions. [2022-07-22 17:40:19,877 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2022-07-22 17:40:19,877 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:19,877 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:19,877 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-07-22 17:40:19,877 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:19,878 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:19,878 INFO L85 PathProgramCache]: Analyzing trace with hash 366477468, now seen corresponding path program 1 times [2022-07-22 17:40:19,878 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:19,878 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [145706224] [2022-07-22 17:40:19,879 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:19,879 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:19,903 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:19,921 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-07-22 17:40:19,923 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:19,924 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-07-22 17:40:19,925 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:19,930 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2022-07-22 17:40:19,931 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:19,932 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 42 [2022-07-22 17:40:19,933 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:19,934 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:40:19,935 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:19,935 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [145706224] [2022-07-22 17:40:19,935 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [145706224] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:40:19,935 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:40:19,935 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-07-22 17:40:19,936 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1455115381] [2022-07-22 17:40:19,936 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:40:19,936 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-07-22 17:40:19,936 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:19,937 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-07-22 17:40:19,937 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-07-22 17:40:19,937 INFO L87 Difference]: Start difference. First operand 95 states and 121 transitions. Second operand has 4 states, 4 states have (on average 9.75) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-07-22 17:40:20,111 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:20,111 INFO L93 Difference]: Finished difference Result 270 states and 348 transitions. [2022-07-22 17:40:20,112 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-07-22 17:40:20,112 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.75) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 50 [2022-07-22 17:40:20,112 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:20,118 INFO L225 Difference]: With dead ends: 270 [2022-07-22 17:40:20,118 INFO L226 Difference]: Without dead ends: 183 [2022-07-22 17:40:20,119 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-07-22 17:40:20,121 INFO L413 NwaCegarLoop]: 111 mSDtfsCounter, 193 mSDsluCounter, 123 mSDsCounter, 0 mSdLazyCounter, 82 mSolverCounterSat, 51 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 200 SdHoareTripleChecker+Valid, 234 SdHoareTripleChecker+Invalid, 133 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 51 IncrementalHoareTripleChecker+Valid, 82 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:20,121 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [200 Valid, 234 Invalid, 133 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [51 Valid, 82 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:40:20,122 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 183 states. [2022-07-22 17:40:20,136 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 183 to 177. [2022-07-22 17:40:20,137 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 177 states, 132 states have (on average 1.2727272727272727) internal successors, (168), 141 states have internal predecessors, (168), 22 states have call successors, (22), 17 states have call predecessors, (22), 22 states have return successors, (33), 24 states have call predecessors, (33), 22 states have call successors, (33) [2022-07-22 17:40:20,138 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 177 states to 177 states and 223 transitions. [2022-07-22 17:40:20,139 INFO L78 Accepts]: Start accepts. Automaton has 177 states and 223 transitions. Word has length 50 [2022-07-22 17:40:20,139 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:20,139 INFO L495 AbstractCegarLoop]: Abstraction has 177 states and 223 transitions. [2022-07-22 17:40:20,139 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.75) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-07-22 17:40:20,139 INFO L276 IsEmpty]: Start isEmpty. Operand 177 states and 223 transitions. [2022-07-22 17:40:20,141 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2022-07-22 17:40:20,141 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:20,141 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:20,141 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-07-22 17:40:20,141 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:20,142 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:20,142 INFO L85 PathProgramCache]: Analyzing trace with hash -1653642302, now seen corresponding path program 1 times [2022-07-22 17:40:20,142 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:20,142 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1726587672] [2022-07-22 17:40:20,143 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:20,143 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:20,161 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:20,192 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-07-22 17:40:20,194 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:20,200 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-07-22 17:40:20,203 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:20,208 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-07-22 17:40:20,210 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:20,224 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-07-22 17:40:20,225 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:20,226 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2022-07-22 17:40:20,227 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:20,228 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:40:20,228 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:20,229 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1726587672] [2022-07-22 17:40:20,229 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1726587672] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:40:20,229 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:40:20,229 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-07-22 17:40:20,229 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1969265948] [2022-07-22 17:40:20,229 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:40:20,230 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-22 17:40:20,230 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:20,231 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-22 17:40:20,231 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-07-22 17:40:20,231 INFO L87 Difference]: Start difference. First operand 177 states and 223 transitions. Second operand has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 3 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2022-07-22 17:40:20,536 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:20,536 INFO L93 Difference]: Finished difference Result 502 states and 666 transitions. [2022-07-22 17:40:20,537 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2022-07-22 17:40:20,537 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 3 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) Word has length 58 [2022-07-22 17:40:20,538 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:20,542 INFO L225 Difference]: With dead ends: 502 [2022-07-22 17:40:20,542 INFO L226 Difference]: Without dead ends: 333 [2022-07-22 17:40:20,544 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 26 GetRequests, 14 SyntacticMatches, 1 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 19 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=45, Invalid=111, Unknown=0, NotChecked=0, Total=156 [2022-07-22 17:40:20,554 INFO L413 NwaCegarLoop]: 127 mSDtfsCounter, 245 mSDsluCounter, 320 mSDsCounter, 0 mSdLazyCounter, 205 mSolverCounterSat, 74 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 253 SdHoareTripleChecker+Valid, 447 SdHoareTripleChecker+Invalid, 279 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 74 IncrementalHoareTripleChecker+Valid, 205 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:20,554 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [253 Valid, 447 Invalid, 279 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [74 Valid, 205 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-07-22 17:40:20,558 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 333 states. [2022-07-22 17:40:20,592 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 333 to 285. [2022-07-22 17:40:20,593 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 285 states, 214 states have (on average 1.2616822429906542) internal successors, (270), 226 states have internal predecessors, (270), 36 states have call successors, (36), 29 states have call predecessors, (36), 34 states have return successors, (55), 38 states have call predecessors, (55), 36 states have call successors, (55) [2022-07-22 17:40:20,595 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 285 states to 285 states and 361 transitions. [2022-07-22 17:40:20,596 INFO L78 Accepts]: Start accepts. Automaton has 285 states and 361 transitions. Word has length 58 [2022-07-22 17:40:20,596 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:20,596 INFO L495 AbstractCegarLoop]: Abstraction has 285 states and 361 transitions. [2022-07-22 17:40:20,596 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.5) internal successors, (45), 5 states have internal predecessors, (45), 3 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2022-07-22 17:40:20,597 INFO L276 IsEmpty]: Start isEmpty. Operand 285 states and 361 transitions. [2022-07-22 17:40:20,598 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2022-07-22 17:40:20,598 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:20,599 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:20,599 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-07-22 17:40:20,599 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:20,599 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:20,600 INFO L85 PathProgramCache]: Analyzing trace with hash -1794190912, now seen corresponding path program 1 times [2022-07-22 17:40:20,600 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:20,600 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [778862963] [2022-07-22 17:40:20,600 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:20,601 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:20,618 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:20,647 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-07-22 17:40:20,649 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:20,654 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-07-22 17:40:20,658 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:20,663 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-07-22 17:40:20,665 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:20,671 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-07-22 17:40:20,672 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:20,673 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2022-07-22 17:40:20,674 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:20,689 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-07-22 17:40:20,689 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:20,689 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [778862963] [2022-07-22 17:40:20,690 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [778862963] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:40:20,690 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:40:20,690 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-07-22 17:40:20,690 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1425239343] [2022-07-22 17:40:20,690 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:40:20,691 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-07-22 17:40:20,691 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:20,691 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-07-22 17:40:20,692 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-07-22 17:40:20,692 INFO L87 Difference]: Start difference. First operand 285 states and 361 transitions. Second operand has 7 states, 7 states have (on average 6.714285714285714) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2022-07-22 17:40:20,951 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:20,952 INFO L93 Difference]: Finished difference Result 579 states and 742 transitions. [2022-07-22 17:40:20,952 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-07-22 17:40:20,953 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.714285714285714) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) Word has length 58 [2022-07-22 17:40:20,953 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:20,956 INFO L225 Difference]: With dead ends: 579 [2022-07-22 17:40:20,956 INFO L226 Difference]: Without dead ends: 302 [2022-07-22 17:40:20,957 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 27 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=53, Invalid=157, Unknown=0, NotChecked=0, Total=210 [2022-07-22 17:40:20,961 INFO L413 NwaCegarLoop]: 117 mSDtfsCounter, 161 mSDsluCounter, 399 mSDsCounter, 0 mSdLazyCounter, 251 mSolverCounterSat, 46 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 168 SdHoareTripleChecker+Valid, 516 SdHoareTripleChecker+Invalid, 297 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 46 IncrementalHoareTripleChecker+Valid, 251 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:20,963 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [168 Valid, 516 Invalid, 297 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [46 Valid, 251 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-07-22 17:40:20,964 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 302 states. [2022-07-22 17:40:20,991 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 302 to 282. [2022-07-22 17:40:20,993 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 282 states, 211 states have (on average 1.2369668246445498) internal successors, (261), 223 states have internal predecessors, (261), 36 states have call successors, (36), 29 states have call predecessors, (36), 34 states have return successors, (55), 38 states have call predecessors, (55), 36 states have call successors, (55) [2022-07-22 17:40:20,995 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 282 states to 282 states and 352 transitions. [2022-07-22 17:40:20,996 INFO L78 Accepts]: Start accepts. Automaton has 282 states and 352 transitions. Word has length 58 [2022-07-22 17:40:20,996 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:20,996 INFO L495 AbstractCegarLoop]: Abstraction has 282 states and 352 transitions. [2022-07-22 17:40:20,996 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.714285714285714) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (6), 2 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2022-07-22 17:40:20,997 INFO L276 IsEmpty]: Start isEmpty. Operand 282 states and 352 transitions. [2022-07-22 17:40:21,004 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 65 [2022-07-22 17:40:21,004 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:21,004 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:21,004 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-07-22 17:40:21,005 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:21,005 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:21,005 INFO L85 PathProgramCache]: Analyzing trace with hash 2009941831, now seen corresponding path program 1 times [2022-07-22 17:40:21,005 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:21,005 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [698861612] [2022-07-22 17:40:21,006 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:21,006 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:21,025 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,038 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-07-22 17:40:21,039 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,042 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-07-22 17:40:21,045 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,049 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-07-22 17:40:21,052 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,069 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-07-22 17:40:21,071 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,076 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 56 [2022-07-22 17:40:21,079 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,080 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:40:21,082 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:21,082 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [698861612] [2022-07-22 17:40:21,083 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [698861612] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:40:21,083 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:40:21,083 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-07-22 17:40:21,084 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1129109553] [2022-07-22 17:40:21,084 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:40:21,085 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-07-22 17:40:21,085 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:21,086 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-07-22 17:40:21,091 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-07-22 17:40:21,091 INFO L87 Difference]: Start difference. First operand 282 states and 352 transitions. Second operand has 6 states, 6 states have (on average 8.5) internal successors, (51), 5 states have internal predecessors, (51), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2022-07-22 17:40:21,231 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:21,231 INFO L93 Difference]: Finished difference Result 574 states and 741 transitions. [2022-07-22 17:40:21,231 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-07-22 17:40:21,232 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 8.5) internal successors, (51), 5 states have internal predecessors, (51), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 64 [2022-07-22 17:40:21,233 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:21,235 INFO L225 Difference]: With dead ends: 574 [2022-07-22 17:40:21,235 INFO L226 Difference]: Without dead ends: 300 [2022-07-22 17:40:21,236 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=32, Invalid=58, Unknown=0, NotChecked=0, Total=90 [2022-07-22 17:40:21,239 INFO L413 NwaCegarLoop]: 106 mSDtfsCounter, 81 mSDsluCounter, 313 mSDsCounter, 0 mSdLazyCounter, 150 mSolverCounterSat, 28 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 86 SdHoareTripleChecker+Valid, 419 SdHoareTripleChecker+Invalid, 178 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 28 IncrementalHoareTripleChecker+Valid, 150 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:21,239 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [86 Valid, 419 Invalid, 178 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [28 Valid, 150 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:40:21,240 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 300 states. [2022-07-22 17:40:21,256 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 300 to 288. [2022-07-22 17:40:21,257 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 288 states, 217 states have (on average 1.2304147465437787) internal successors, (267), 229 states have internal predecessors, (267), 36 states have call successors, (36), 29 states have call predecessors, (36), 34 states have return successors, (55), 38 states have call predecessors, (55), 36 states have call successors, (55) [2022-07-22 17:40:21,259 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 288 states to 288 states and 358 transitions. [2022-07-22 17:40:21,259 INFO L78 Accepts]: Start accepts. Automaton has 288 states and 358 transitions. Word has length 64 [2022-07-22 17:40:21,259 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:21,260 INFO L495 AbstractCegarLoop]: Abstraction has 288 states and 358 transitions. [2022-07-22 17:40:21,260 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 8.5) internal successors, (51), 5 states have internal predecessors, (51), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2022-07-22 17:40:21,260 INFO L276 IsEmpty]: Start isEmpty. Operand 288 states and 358 transitions. [2022-07-22 17:40:21,261 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 65 [2022-07-22 17:40:21,261 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:21,262 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:21,262 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-07-22 17:40:21,262 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:21,263 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:21,263 INFO L85 PathProgramCache]: Analyzing trace with hash -898822071, now seen corresponding path program 1 times [2022-07-22 17:40:21,263 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:21,263 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2119527238] [2022-07-22 17:40:21,263 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:21,263 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:21,287 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,320 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-07-22 17:40:21,321 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,325 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-07-22 17:40:21,328 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,332 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-07-22 17:40:21,335 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,348 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-07-22 17:40:21,349 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,351 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 56 [2022-07-22 17:40:21,351 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,352 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:40:21,352 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:21,352 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2119527238] [2022-07-22 17:40:21,353 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2119527238] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:40:21,353 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:40:21,353 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-07-22 17:40:21,353 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1546668433] [2022-07-22 17:40:21,353 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:40:21,354 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-07-22 17:40:21,354 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:21,354 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-07-22 17:40:21,354 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-07-22 17:40:21,355 INFO L87 Difference]: Start difference. First operand 288 states and 358 transitions. Second operand has 7 states, 7 states have (on average 7.285714285714286) internal successors, (51), 6 states have internal predecessors, (51), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2022-07-22 17:40:21,512 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:21,512 INFO L93 Difference]: Finished difference Result 520 states and 660 transitions. [2022-07-22 17:40:21,512 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-07-22 17:40:21,513 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 7.285714285714286) internal successors, (51), 6 states have internal predecessors, (51), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 64 [2022-07-22 17:40:21,513 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:21,514 INFO L225 Difference]: With dead ends: 520 [2022-07-22 17:40:21,515 INFO L226 Difference]: Without dead ends: 240 [2022-07-22 17:40:21,516 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 15 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=25, Invalid=65, Unknown=0, NotChecked=0, Total=90 [2022-07-22 17:40:21,516 INFO L413 NwaCegarLoop]: 105 mSDtfsCounter, 115 mSDsluCounter, 363 mSDsCounter, 0 mSdLazyCounter, 187 mSolverCounterSat, 31 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 121 SdHoareTripleChecker+Valid, 468 SdHoareTripleChecker+Invalid, 218 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 31 IncrementalHoareTripleChecker+Valid, 187 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:21,517 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [121 Valid, 468 Invalid, 218 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [31 Valid, 187 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-07-22 17:40:21,517 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 240 states. [2022-07-22 17:40:21,532 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 240 to 235. [2022-07-22 17:40:21,533 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 235 states, 176 states have (on average 1.2102272727272727) internal successors, (213), 186 states have internal predecessors, (213), 30 states have call successors, (30), 24 states have call predecessors, (30), 28 states have return successors, (41), 31 states have call predecessors, (41), 30 states have call successors, (41) [2022-07-22 17:40:21,537 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 235 states to 235 states and 284 transitions. [2022-07-22 17:40:21,537 INFO L78 Accepts]: Start accepts. Automaton has 235 states and 284 transitions. Word has length 64 [2022-07-22 17:40:21,537 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:21,538 INFO L495 AbstractCegarLoop]: Abstraction has 235 states and 284 transitions. [2022-07-22 17:40:21,538 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 7.285714285714286) internal successors, (51), 6 states have internal predecessors, (51), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2022-07-22 17:40:21,538 INFO L276 IsEmpty]: Start isEmpty. Operand 235 states and 284 transitions. [2022-07-22 17:40:21,539 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 69 [2022-07-22 17:40:21,539 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:21,539 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:21,540 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-07-22 17:40:21,540 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:21,540 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:21,540 INFO L85 PathProgramCache]: Analyzing trace with hash -767563483, now seen corresponding path program 1 times [2022-07-22 17:40:21,540 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:21,540 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1782165264] [2022-07-22 17:40:21,541 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:21,541 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:21,579 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,660 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-22 17:40:21,662 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,684 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2022-07-22 17:40:21,686 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,704 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2022-07-22 17:40:21,708 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,719 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-07-22 17:40:21,721 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,726 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-07-22 17:40:21,727 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,728 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2022-07-22 17:40:21,729 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:21,730 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-07-22 17:40:21,730 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:21,730 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1782165264] [2022-07-22 17:40:21,730 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1782165264] provided 1 perfect and 0 imperfect interpolant sequences [2022-07-22 17:40:21,730 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-07-22 17:40:21,730 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-07-22 17:40:21,730 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1849883000] [2022-07-22 17:40:21,730 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-07-22 17:40:21,731 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-07-22 17:40:21,731 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:21,731 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-07-22 17:40:21,731 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=72, Unknown=0, NotChecked=0, Total=90 [2022-07-22 17:40:21,732 INFO L87 Difference]: Start difference. First operand 235 states and 284 transitions. Second operand has 10 states, 10 states have (on average 5.3) internal successors, (53), 8 states have internal predecessors, (53), 5 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (6), 3 states have call predecessors, (6), 5 states have call successors, (6) [2022-07-22 17:40:22,572 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:22,572 INFO L93 Difference]: Finished difference Result 853 states and 1117 transitions. [2022-07-22 17:40:22,573 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 33 states. [2022-07-22 17:40:22,573 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 5.3) internal successors, (53), 8 states have internal predecessors, (53), 5 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (6), 3 states have call predecessors, (6), 5 states have call successors, (6) Word has length 68 [2022-07-22 17:40:22,573 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:22,577 INFO L225 Difference]: With dead ends: 853 [2022-07-22 17:40:22,577 INFO L226 Difference]: Without dead ends: 681 [2022-07-22 17:40:22,578 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 49 GetRequests, 15 SyntacticMatches, 1 SemanticMatches, 33 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 296 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=221, Invalid=969, Unknown=0, NotChecked=0, Total=1190 [2022-07-22 17:40:22,579 INFO L413 NwaCegarLoop]: 176 mSDtfsCounter, 680 mSDsluCounter, 598 mSDsCounter, 0 mSdLazyCounter, 931 mSolverCounterSat, 273 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 688 SdHoareTripleChecker+Valid, 774 SdHoareTripleChecker+Invalid, 1204 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 273 IncrementalHoareTripleChecker+Valid, 931 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:22,579 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [688 Valid, 774 Invalid, 1204 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [273 Valid, 931 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2022-07-22 17:40:22,580 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 681 states. [2022-07-22 17:40:22,629 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 681 to 605. [2022-07-22 17:40:22,630 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 605 states, 448 states have (on average 1.2098214285714286) internal successors, (542), 476 states have internal predecessors, (542), 82 states have call successors, (82), 62 states have call predecessors, (82), 74 states have return successors, (132), 84 states have call predecessors, (132), 82 states have call successors, (132) [2022-07-22 17:40:22,633 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 605 states to 605 states and 756 transitions. [2022-07-22 17:40:22,633 INFO L78 Accepts]: Start accepts. Automaton has 605 states and 756 transitions. Word has length 68 [2022-07-22 17:40:22,633 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:22,633 INFO L495 AbstractCegarLoop]: Abstraction has 605 states and 756 transitions. [2022-07-22 17:40:22,633 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 5.3) internal successors, (53), 8 states have internal predecessors, (53), 5 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (6), 3 states have call predecessors, (6), 5 states have call successors, (6) [2022-07-22 17:40:22,633 INFO L276 IsEmpty]: Start isEmpty. Operand 605 states and 756 transitions. [2022-07-22 17:40:22,635 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 122 [2022-07-22 17:40:22,635 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:22,635 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:22,635 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-07-22 17:40:22,635 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:22,635 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:22,636 INFO L85 PathProgramCache]: Analyzing trace with hash -1564090535, now seen corresponding path program 1 times [2022-07-22 17:40:22,636 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:22,636 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1158285153] [2022-07-22 17:40:22,636 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:22,636 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:22,654 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,697 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-22 17:40:22,698 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,709 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-07-22 17:40:22,713 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,725 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-22 17:40:22,725 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,732 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-07-22 17:40:22,734 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,738 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-07-22 17:40:22,740 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,744 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-07-22 17:40:22,745 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,746 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 73 [2022-07-22 17:40:22,746 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,756 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 84 [2022-07-22 17:40:22,757 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,758 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 91 [2022-07-22 17:40:22,760 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,762 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2022-07-22 17:40:22,762 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,763 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-07-22 17:40:22,763 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,764 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 113 [2022-07-22 17:40:22,764 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,765 INFO L134 CoverageAnalysis]: Checked inductivity of 41 backedges. 17 proven. 11 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2022-07-22 17:40:22,766 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:22,766 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1158285153] [2022-07-22 17:40:22,766 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1158285153] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-22 17:40:22,766 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [922718578] [2022-07-22 17:40:22,766 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:22,766 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-22 17:40:22,766 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-22 17:40:22,775 INFO L229 MonitoredProcess]: Starting monitored process 2 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-22 17:40:22,796 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-07-22 17:40:22,882 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:22,901 INFO L263 TraceCheckSpWp]: Trace formula consists of 535 conjuncts, 8 conjunts are in the unsatisfiable core [2022-07-22 17:40:22,908 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-22 17:40:23,083 INFO L134 CoverageAnalysis]: Checked inductivity of 41 backedges. 30 proven. 11 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-07-22 17:40:23,084 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-07-22 17:40:23,267 INFO L134 CoverageAnalysis]: Checked inductivity of 41 backedges. 18 proven. 10 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2022-07-22 17:40:23,268 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [922718578] provided 0 perfect and 2 imperfect interpolant sequences [2022-07-22 17:40:23,268 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-07-22 17:40:23,268 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 6, 6] total 16 [2022-07-22 17:40:23,268 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1117529237] [2022-07-22 17:40:23,268 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-07-22 17:40:23,269 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2022-07-22 17:40:23,269 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:23,269 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2022-07-22 17:40:23,270 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=202, Unknown=0, NotChecked=0, Total=240 [2022-07-22 17:40:23,270 INFO L87 Difference]: Start difference. First operand 605 states and 756 transitions. Second operand has 16 states, 16 states have (on average 8.875) internal successors, (142), 11 states have internal predecessors, (142), 5 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (23), 7 states have call predecessors, (23), 5 states have call successors, (23) [2022-07-22 17:40:24,300 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:24,300 INFO L93 Difference]: Finished difference Result 1294 states and 1660 transitions. [2022-07-22 17:40:24,300 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 35 states. [2022-07-22 17:40:24,301 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 16 states have (on average 8.875) internal successors, (142), 11 states have internal predecessors, (142), 5 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (23), 7 states have call predecessors, (23), 5 states have call successors, (23) Word has length 121 [2022-07-22 17:40:24,301 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:24,305 INFO L225 Difference]: With dead ends: 1294 [2022-07-22 17:40:24,305 INFO L226 Difference]: Without dead ends: 750 [2022-07-22 17:40:24,308 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 322 GetRequests, 278 SyntacticMatches, 1 SemanticMatches, 43 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 460 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=353, Invalid=1627, Unknown=0, NotChecked=0, Total=1980 [2022-07-22 17:40:24,308 INFO L413 NwaCegarLoop]: 246 mSDtfsCounter, 544 mSDsluCounter, 1159 mSDsCounter, 0 mSdLazyCounter, 1289 mSolverCounterSat, 273 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 545 SdHoareTripleChecker+Valid, 1405 SdHoareTripleChecker+Invalid, 1562 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 273 IncrementalHoareTripleChecker+Valid, 1289 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:24,309 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [545 Valid, 1405 Invalid, 1562 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [273 Valid, 1289 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2022-07-22 17:40:24,310 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 750 states. [2022-07-22 17:40:24,350 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 750 to 666. [2022-07-22 17:40:24,352 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 666 states, 488 states have (on average 1.1967213114754098) internal successors, (584), 524 states have internal predecessors, (584), 92 states have call successors, (92), 76 states have call predecessors, (92), 85 states have return successors, (124), 89 states have call predecessors, (124), 92 states have call successors, (124) [2022-07-22 17:40:24,355 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 666 states to 666 states and 800 transitions. [2022-07-22 17:40:24,355 INFO L78 Accepts]: Start accepts. Automaton has 666 states and 800 transitions. Word has length 121 [2022-07-22 17:40:24,355 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:24,355 INFO L495 AbstractCegarLoop]: Abstraction has 666 states and 800 transitions. [2022-07-22 17:40:24,356 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 16 states have (on average 8.875) internal successors, (142), 11 states have internal predecessors, (142), 5 states have call successors, (29), 7 states have call predecessors, (29), 6 states have return successors, (23), 7 states have call predecessors, (23), 5 states have call successors, (23) [2022-07-22 17:40:24,356 INFO L276 IsEmpty]: Start isEmpty. Operand 666 states and 800 transitions. [2022-07-22 17:40:24,359 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 212 [2022-07-22 17:40:24,359 INFO L187 NwaCegarLoop]: Found error trace [2022-07-22 17:40:24,359 INFO L195 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:24,389 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-07-22 17:40:24,579 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-07-22 17:40:24,579 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-07-22 17:40:24,580 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-07-22 17:40:24,580 INFO L85 PathProgramCache]: Analyzing trace with hash 1147724611, now seen corresponding path program 1 times [2022-07-22 17:40:24,580 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-07-22 17:40:24,580 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1315001092] [2022-07-22 17:40:24,580 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:24,580 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-07-22 17:40:24,607 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,643 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-22 17:40:24,644 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,651 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-07-22 17:40:24,653 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,656 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-22 17:40:24,656 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,661 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-07-22 17:40:24,663 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,665 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-07-22 17:40:24,666 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,669 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-07-22 17:40:24,669 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,670 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 71 [2022-07-22 17:40:24,672 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,675 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-22 17:40:24,676 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,677 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-22 17:40:24,677 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,678 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:40:24,679 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,681 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2022-07-22 17:40:24,681 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,682 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-07-22 17:40:24,682 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,683 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 124 [2022-07-22 17:40:24,686 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,722 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-07-22 17:40:24,723 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,724 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-07-22 17:40:24,724 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,725 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-07-22 17:40:24,726 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,726 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 165 [2022-07-22 17:40:24,727 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,728 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 174 [2022-07-22 17:40:24,731 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,733 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-07-22 17:40:24,735 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,736 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-07-22 17:40:24,737 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,738 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 203 [2022-07-22 17:40:24,738 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,739 INFO L134 CoverageAnalysis]: Checked inductivity of 225 backedges. 66 proven. 5 refuted. 0 times theorem prover too weak. 154 trivial. 0 not checked. [2022-07-22 17:40:24,739 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-07-22 17:40:24,740 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1315001092] [2022-07-22 17:40:24,740 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1315001092] provided 0 perfect and 1 imperfect interpolant sequences [2022-07-22 17:40:24,740 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1571615701] [2022-07-22 17:40:24,740 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-07-22 17:40:24,740 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-07-22 17:40:24,740 INFO L189 MonitoredProcess]: No working directory specified, using /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 [2022-07-22 17:40:24,741 INFO L229 MonitoredProcess]: Starting monitored process 3 with /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-07-22 17:40:24,765 INFO L327 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-07-22 17:40:24,895 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-07-22 17:40:24,898 INFO L263 TraceCheckSpWp]: Trace formula consists of 769 conjuncts, 13 conjunts are in the unsatisfiable core [2022-07-22 17:40:24,904 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-07-22 17:40:25,078 INFO L134 CoverageAnalysis]: Checked inductivity of 225 backedges. 163 proven. 4 refuted. 0 times theorem prover too weak. 58 trivial. 0 not checked. [2022-07-22 17:40:25,078 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-07-22 17:40:25,525 INFO L134 CoverageAnalysis]: Checked inductivity of 225 backedges. 77 proven. 39 refuted. 0 times theorem prover too weak. 109 trivial. 0 not checked. [2022-07-22 17:40:25,525 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1571615701] provided 0 perfect and 2 imperfect interpolant sequences [2022-07-22 17:40:25,526 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-07-22 17:40:25,526 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 10, 11] total 25 [2022-07-22 17:40:25,526 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [266891950] [2022-07-22 17:40:25,526 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-07-22 17:40:25,527 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 25 states [2022-07-22 17:40:25,527 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-07-22 17:40:25,527 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2022-07-22 17:40:25,527 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=119, Invalid=481, Unknown=0, NotChecked=0, Total=600 [2022-07-22 17:40:25,528 INFO L87 Difference]: Start difference. First operand 666 states and 800 transitions. Second operand has 25 states, 25 states have (on average 8.96) internal successors, (224), 21 states have internal predecessors, (224), 9 states have call successors, (41), 9 states have call predecessors, (41), 9 states have return successors, (40), 8 states have call predecessors, (40), 9 states have call successors, (40) [2022-07-22 17:40:26,685 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-07-22 17:40:26,685 INFO L93 Difference]: Finished difference Result 1381 states and 1712 transitions. [2022-07-22 17:40:26,686 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2022-07-22 17:40:26,686 INFO L78 Accepts]: Start accepts. Automaton has has 25 states, 25 states have (on average 8.96) internal successors, (224), 21 states have internal predecessors, (224), 9 states have call successors, (41), 9 states have call predecessors, (41), 9 states have return successors, (40), 8 states have call predecessors, (40), 9 states have call successors, (40) Word has length 211 [2022-07-22 17:40:26,686 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-07-22 17:40:26,687 INFO L225 Difference]: With dead ends: 1381 [2022-07-22 17:40:26,687 INFO L226 Difference]: Without dead ends: 0 [2022-07-22 17:40:26,691 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 503 GetRequests, 454 SyntacticMatches, 3 SemanticMatches, 46 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 435 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=487, Invalid=1769, Unknown=0, NotChecked=0, Total=2256 [2022-07-22 17:40:26,691 INFO L413 NwaCegarLoop]: 151 mSDtfsCounter, 740 mSDsluCounter, 789 mSDsCounter, 0 mSdLazyCounter, 1522 mSolverCounterSat, 290 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 743 SdHoareTripleChecker+Valid, 940 SdHoareTripleChecker+Invalid, 1812 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 290 IncrementalHoareTripleChecker+Valid, 1522 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2022-07-22 17:40:26,691 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [743 Valid, 940 Invalid, 1812 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [290 Valid, 1522 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2022-07-22 17:40:26,692 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-07-22 17:40:26,692 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-07-22 17:40:26,692 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-07-22 17:40:26,692 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-07-22 17:40:26,692 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 211 [2022-07-22 17:40:26,692 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-07-22 17:40:26,692 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-07-22 17:40:26,693 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 25 states, 25 states have (on average 8.96) internal successors, (224), 21 states have internal predecessors, (224), 9 states have call successors, (41), 9 states have call predecessors, (41), 9 states have return successors, (40), 8 states have call predecessors, (40), 9 states have call successors, (40) [2022-07-22 17:40:26,693 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-07-22 17:40:26,693 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-07-22 17:40:26,695 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-07-22 17:40:26,723 INFO L540 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-07-22 17:40:26,911 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2022-07-22 17:40:26,913 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-07-22 17:40:31,762 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 270 277) the Hoare annotation is: (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= 1 ~systemActive~0)) (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))) [2022-07-22 17:40:31,762 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 270 277) no Hoare annotation was computed. [2022-07-22 17:40:31,762 INFO L899 garLoopResultBuilder]: For program point deactivatePumpFINAL(lines 270 277) no Hoare annotation was computed. [2022-07-22 17:40:31,763 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 160 166) no Hoare annotation was computed. [2022-07-22 17:40:31,763 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 160 166) the Hoare annotation is: true [2022-07-22 17:40:31,763 INFO L895 garLoopResultBuilder]: At program point L213(line 213) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (<= ~waterLevel~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 .cse2 (not (= 2 ~waterLevel~0))) (or .cse2 (not (<= 1 |old(~pumpRunning~0)|)) .cse3 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-07-22 17:40:31,763 INFO L899 garLoopResultBuilder]: For program point L213-1(lines 194 218) no Hoare annotation was computed. [2022-07-22 17:40:31,764 INFO L895 garLoopResultBuilder]: At program point L368(lines 353 371) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (<= ~waterLevel~0 2))))) [2022-07-22 17:40:31,764 INFO L899 garLoopResultBuilder]: For program point L362(lines 362 366) no Hoare annotation was computed. [2022-07-22 17:40:31,764 INFO L899 garLoopResultBuilder]: For program point L362-2(lines 362 366) no Hoare annotation was computed. [2022-07-22 17:40:31,764 INFO L895 garLoopResultBuilder]: At program point L472(lines 467 475) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (<= ~waterLevel~0 2))))) [2022-07-22 17:40:31,764 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__methaneQueryENTRY(lines 194 218) the Hoare annotation is: (let ((.cse1 (not (<= ~waterLevel~0 1))) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= ~pumpRunning~0 0)) (.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse2 .cse3 .cse0 .cse1) (or .cse2 .cse3 .cse0 (not (= 2 ~waterLevel~0))))) [2022-07-22 17:40:31,765 INFO L895 garLoopResultBuilder]: At program point L208(line 208) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (<= ~waterLevel~0 2))))) [2022-07-22 17:40:31,767 INFO L895 garLoopResultBuilder]: At program point L204(line 204) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (<= ~waterLevel~0 2))))) [2022-07-22 17:40:31,767 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__methaneQueryEXIT(lines 194 218) no Hoare annotation was computed. [2022-07-22 17:40:31,767 INFO L899 garLoopResultBuilder]: For program point L202(lines 202 210) no Hoare annotation was computed. [2022-07-22 17:40:31,767 INFO L899 garLoopResultBuilder]: For program point L198(lines 198 215) no Hoare annotation was computed. [2022-07-22 17:40:31,768 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 289 297) no Hoare annotation was computed. [2022-07-22 17:40:31,768 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 289 297) the Hoare annotation is: true [2022-07-22 17:40:31,768 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 289 297) no Hoare annotation was computed. [2022-07-22 17:40:31,768 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 400 411) the Hoare annotation is: true [2022-07-22 17:40:31,768 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 400 411) no Hoare annotation was computed. [2022-07-22 17:40:31,768 INFO L899 garLoopResultBuilder]: For program point L404-1(lines 400 411) no Hoare annotation was computed. [2022-07-22 17:40:31,769 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 941 970) no Hoare annotation was computed. [2022-07-22 17:40:31,769 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 941 970) the Hoare annotation is: true [2022-07-22 17:40:31,769 INFO L899 garLoopResultBuilder]: For program point L955(lines 955 959) no Hoare annotation was computed. [2022-07-22 17:40:31,769 INFO L902 garLoopResultBuilder]: At program point L955-1(lines 955 959) the Hoare annotation is: true [2022-07-22 17:40:31,770 INFO L899 garLoopResultBuilder]: For program point L952(line 952) no Hoare annotation was computed. [2022-07-22 17:40:31,770 INFO L902 garLoopResultBuilder]: At program point L951-2(lines 951 965) the Hoare annotation is: true [2022-07-22 17:40:31,771 INFO L902 garLoopResultBuilder]: At program point L947(line 947) the Hoare annotation is: true [2022-07-22 17:40:31,771 INFO L899 garLoopResultBuilder]: For program point L947-1(line 947) no Hoare annotation was computed. [2022-07-22 17:40:31,771 INFO L902 garLoopResultBuilder]: At program point L966(lines 941 970) the Hoare annotation is: true [2022-07-22 17:40:31,771 INFO L899 garLoopResultBuilder]: For program point L962(line 962) no Hoare annotation was computed. [2022-07-22 17:40:31,771 INFO L899 garLoopResultBuilder]: For program point L147-1(lines 147 153) no Hoare annotation was computed. [2022-07-22 17:40:31,772 INFO L895 garLoopResultBuilder]: At program point L234(line 234) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-07-22 17:40:31,772 INFO L895 garLoopResultBuilder]: At program point L936(lines 931 938) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) .cse2) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2))) [2022-07-22 17:40:31,772 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 133 159) no Hoare annotation was computed. [2022-07-22 17:40:31,772 INFO L895 garLoopResultBuilder]: At program point L230(line 230) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-07-22 17:40:31,772 INFO L895 garLoopResultBuilder]: At program point L226(line 226) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-07-22 17:40:31,772 INFO L899 garLoopResultBuilder]: For program point L226-1(line 226) no Hoare annotation was computed. [2022-07-22 17:40:31,773 INFO L895 garLoopResultBuilder]: At program point L449(lines 444 452) the Hoare annotation is: (let ((.cse16 (<= 1 ~pumpRunning~0)) (.cse8 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse11 (<= |timeShift_getWaterLevel_#res#1| ~waterLevel~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse13 (<= ~waterLevel~0 1)) (.cse17 (= 1 ~systemActive~0)) (.cse18 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse3 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse5 (and .cse11 .cse0 .cse13 .cse17 .cse18 .cse3)) (.cse7 (and .cse16 .cse8 .cse11 .cse13 .cse17 .cse18 .cse3)) (.cse10 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse6 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (not .cse17)) (.cse1 (< |timeShift_getWaterLevel_#res#1| 2)) (.cse9 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or (and .cse0 .cse1 .cse2 .cse3) .cse4 .cse5 .cse6 .cse7 (and .cse8 .cse1 .cse2 .cse3) .cse9 .cse10) (or (not (= |old(~waterLevel~0)| 1)) .cse4 .cse5 .cse6 .cse7 .cse10) (let ((.cse12 (= ~waterLevel~0 1))) (or .cse4 .cse6 (not (< 1 |old(~waterLevel~0)|)) (and .cse8 .cse11 .cse12 .cse3) (and .cse11 .cse0 .cse12 .cse3) .cse9)) (let ((.cse14 (= 2 ~waterLevel~0)) (.cse15 (= 2 |timeShift_getWaterLevel_#res#1|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse4 (and .cse0 .cse1 .cse13 .cse2) (and .cse0 .cse14 .cse15 .cse2) .cse9 (and .cse16 .cse14 .cse15 .cse2)))))) [2022-07-22 17:40:31,773 INFO L895 garLoopResultBuilder]: At program point L858(line 858) the Hoare annotation is: (let ((.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) (and .cse5 .cse0 (< 1 ~waterLevel~0) (<= ~waterLevel~0 2)) .cse3) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse4 (and .cse5 .cse0 .cse1) (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-07-22 17:40:31,773 INFO L899 garLoopResultBuilder]: For program point L858-1(line 858) no Hoare annotation was computed. [2022-07-22 17:40:31,773 INFO L895 garLoopResultBuilder]: At program point L239(line 239) the Hoare annotation is: (let ((.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse1) (or .cse0 .cse2 (not (< 1 |old(~waterLevel~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-07-22 17:40:31,773 INFO L895 garLoopResultBuilder]: At program point L239-1(lines 220 244) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse4 (<= 1 ~pumpRunning~0)) (.cse9 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse12 (<= ~waterLevel~0 1)) (.cse11 (= 1 ~systemActive~0)) (.cse13 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse10 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse6 (and .cse4 .cse9 .cse12 .cse11 .cse13 .cse10)) (.cse7 (and .cse0 .cse12 .cse11 .cse13 .cse10)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse8 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse11)) (.cse5 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and .cse0 .cse1) .cse2 .cse3 (and .cse4 (= 2 ~waterLevel~0) .cse1)) (or .cse2 .cse5 (not (= |old(~waterLevel~0)| 2)) .cse6 .cse7) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse5 .cse6 .cse7 .cse8) (or (and .cse9 .cse1 .cse10) .cse2 .cse5 .cse6 .cse7 (and .cse0 .cse1 .cse10) .cse3 .cse8) (or .cse2 .cse5 (not (< 1 |old(~waterLevel~0)|)) (= ~waterLevel~0 1) .cse3)))) [2022-07-22 17:40:31,774 INFO L899 garLoopResultBuilder]: For program point L140(lines 140 146) no Hoare annotation was computed. [2022-07-22 17:40:31,774 INFO L899 garLoopResultBuilder]: For program point L875(lines 875 885) no Hoare annotation was computed. [2022-07-22 17:40:31,774 INFO L899 garLoopResultBuilder]: For program point L140-2(lines 136 158) no Hoare annotation was computed. [2022-07-22 17:40:31,774 INFO L899 garLoopResultBuilder]: For program point L871(lines 871 888) no Hoare annotation was computed. [2022-07-22 17:40:31,774 INFO L895 garLoopResultBuilder]: At program point L871-1(lines 863 891) the Hoare annotation is: (let ((.cse5 (= ~pumpRunning~0 0)) (.cse18 (<= 1 ~pumpRunning~0)) (.cse11 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse19 (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~10#1| ~waterLevel~0)) (.cse20 (<= |timeShift_getWaterLevel_#res#1| ~waterLevel~0)) (.cse21 (<= ~waterLevel~0 1)) (.cse8 (= 1 ~systemActive~0)) (.cse22 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse10 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse12 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not (<= |old(~waterLevel~0)| 1))) (.cse15 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (< |timeShift_getWaterLevel_#res#1| 2)) (.cse7 (not (<= 2 |timeShift___utac_acc__Specification5_spec__3_~tmp~10#1|))) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse0 (and .cse18 .cse11 .cse19 .cse20 .cse21 .cse8 .cse22 .cse10)) (.cse1 (and .cse19 .cse20 .cse5 .cse21 .cse8 .cse22 .cse10)) (.cse3 (not .cse8)) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse16 (not (< 1 |old(~waterLevel~0)|))) (.cse17 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 (and .cse5 .cse6 .cse7 .cse8 .cse9 .cse10) (and .cse11 .cse6 .cse7 .cse8 .cse9 .cse10) .cse12) (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 1)) .cse3 .cse4 .cse12) (let ((.cse13 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~10#1| 2)) (.cse14 (= 2 |timeShift_getWaterLevel_#res#1|))) (or (and .cse11 .cse5 .cse13 .cse14 .cse8 .cse9) .cse15 .cse3 .cse16 .cse17 (and .cse18 .cse13 .cse14 .cse9))) (or .cse2 .cse15 .cse3 (and .cse11 .cse5 .cse6 .cse7 .cse8 .cse9)) (or .cse0 .cse1 .cse3 .cse4 (not (= |old(~waterLevel~0)| 2))) (or .cse3 .cse4 .cse16 (= ~waterLevel~0 1) .cse17)))) [2022-07-22 17:40:31,774 INFO L899 garLoopResultBuilder]: For program point L380(lines 380 384) no Hoare annotation was computed. [2022-07-22 17:40:31,775 INFO L895 garLoopResultBuilder]: At program point L380-2(lines 376 387) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-07-22 17:40:31,775 INFO L899 garLoopResultBuilder]: For program point L876(lines 876 882) no Hoare annotation was computed. [2022-07-22 17:40:31,775 INFO L899 garLoopResultBuilder]: For program point L228(lines 228 236) no Hoare annotation was computed. [2022-07-22 17:40:31,775 INFO L899 garLoopResultBuilder]: For program point L224(lines 224 241) no Hoare annotation was computed. [2022-07-22 17:40:31,775 INFO L895 garLoopResultBuilder]: At program point L860(lines 853 862) the Hoare annotation is: (let ((.cse0 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (<= 1 ~switchedOnBeforeTS~0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) .cse0) .cse1 .cse2) (or .cse3 .cse1 .cse4 (not (= |old(~waterLevel~0)| 2))) (or .cse3 .cse1 .cse4 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-07-22 17:40:31,776 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 133 159) the Hoare annotation is: (let ((.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) (and .cse5 .cse0 (< 1 ~waterLevel~0) (<= ~waterLevel~0 2)) .cse3) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse4 (and .cse5 .cse0 .cse1) (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-07-22 17:40:31,776 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 133 159) no Hoare annotation was computed. [2022-07-22 17:40:31,776 INFO L895 garLoopResultBuilder]: At program point L873(line 873) the Hoare annotation is: (let ((.cse9 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse14 (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~10#1| ~waterLevel~0)) (.cse15 (<= |timeShift_getWaterLevel_#res#1| ~waterLevel~0)) (.cse2 (= ~pumpRunning~0 0)) (.cse18 (<= ~waterLevel~0 1)) (.cse17 (= 1 ~systemActive~0)) (.cse19 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse6 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (< |timeShift_getWaterLevel_#res#1| 2)) (.cse5 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse12 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (and .cse14 .cse15 .cse2 .cse18 .cse17 .cse19 .cse6)) (.cse1 (and .cse9 .cse14 .cse15 .cse18 .cse19 .cse6)) (.cse11 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse7 (not .cse17)) (.cse8 (not (<= 1 |old(~pumpRunning~0)|))) (.cse13 (not (< 1 |old(~waterLevel~0)|))) (.cse10 (not (<= |old(~waterLevel~0)| 2)))) (and (let ((.cse4 (not (<= 2 |timeShift___utac_acc__Specification5_spec__3_~tmp~10#1|)))) (or .cse0 .cse1 (and .cse2 .cse3 .cse4 .cse5 .cse6) .cse7 .cse8 (and .cse9 .cse3 .cse4 .cse5 .cse6) .cse10 .cse11)) (or (not (<= |old(~waterLevel~0)| 1)) .cse12 .cse7 (and .cse2 .cse3 .cse5 (< |timeShift___utac_acc__Specification5_spec__3_~tmp~10#1| 2))) (or .cse12 .cse7 .cse13 .cse10) (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 1)) .cse7 .cse8 .cse11) (let ((.cse16 (= ~waterLevel~0 1))) (or .cse7 .cse8 .cse13 (and .cse14 .cse15 .cse2 .cse16 .cse6) .cse10 (and .cse9 .cse14 .cse15 .cse16 .cse6)))))) [2022-07-22 17:40:31,776 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 935) no Hoare annotation was computed. [2022-07-22 17:40:31,776 INFO L899 garLoopResultBuilder]: For program point L873-1(line 873) no Hoare annotation was computed. [2022-07-22 17:40:31,777 INFO L899 garLoopResultBuilder]: For program point L935(line 935) no Hoare annotation was computed. [2022-07-22 17:40:31,777 INFO L902 garLoopResultBuilder]: At program point L1010(lines 1002 1012) the Hoare annotation is: true [2022-07-22 17:40:31,777 INFO L895 garLoopResultBuilder]: At program point L911(lines 907 913) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:40:31,777 INFO L895 garLoopResultBuilder]: At program point L110(lines 63 111) the Hoare annotation is: false [2022-07-22 17:40:31,777 INFO L899 garLoopResultBuilder]: For program point L65(lines 64 109) no Hoare annotation was computed. [2022-07-22 17:40:31,777 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-07-22 17:40:31,777 INFO L899 garLoopResultBuilder]: For program point L1023(lines 1023 1030) no Hoare annotation was computed. [2022-07-22 17:40:31,778 INFO L899 garLoopResultBuilder]: For program point L94(lines 94 105) no Hoare annotation was computed. [2022-07-22 17:40:31,778 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-07-22 17:40:31,778 INFO L899 garLoopResultBuilder]: For program point L1023-2(lines 1023 1030) no Hoare annotation was computed. [2022-07-22 17:40:31,778 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-07-22 17:40:31,778 INFO L895 garLoopResultBuilder]: At program point L86(line 86) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_main_~tmp~11#1| ~systemActive~0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (<= ~waterLevel~0 2))) (or (and .cse0 (<= ~waterLevel~0 1) .cse1 .cse2 .cse3 .cse4 (<= 1 ~switchedOnBeforeTS~0)) (and .cse0 .cse1 (< 1 ~waterLevel~0) .cse2 .cse3 .cse4 .cse5) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3 .cse4 .cse5))) [2022-07-22 17:40:31,778 INFO L895 garLoopResultBuilder]: At program point L850(lines 845 852) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_main_~tmp~11#1| ~systemActive~0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:40:31,778 INFO L895 garLoopResultBuilder]: At program point L107(lines 64 109) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse6 (= 2 ~waterLevel~0)) (.cse7 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= |ULTIMATE.start_main_~tmp~11#1| ~systemActive~0)) (.cse3 (= 1 ~systemActive~0)) (.cse4 (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) (.cse5 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 (<= 1 ~switchedOnBeforeTS~0)) (and .cse0 .cse6 .cse2 .cse3 .cse4 .cse5) (and .cse7 .cse6 .cse2 .cse3 .cse4 .cse5) (and .cse7 .cse1 .cse2 .cse3 .cse4 .cse5))) [2022-07-22 17:40:31,779 INFO L899 garLoopResultBuilder]: For program point L74(lines 74 80) no Hoare annotation was computed. [2022-07-22 17:40:31,779 INFO L899 garLoopResultBuilder]: For program point L74-1(lines 74 80) no Hoare annotation was computed. [2022-07-22 17:40:31,779 INFO L902 garLoopResultBuilder]: At program point L1032(lines 1013 1035) the Hoare annotation is: true [2022-07-22 17:40:31,779 INFO L895 garLoopResultBuilder]: At program point L999(lines 995 1001) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_main_~tmp~11#1| ~systemActive~0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:40:31,779 INFO L899 garLoopResultBuilder]: For program point L66(lines 66 70) no Hoare annotation was computed. [2022-07-22 17:40:31,779 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-07-22 17:40:31,779 INFO L899 garLoopResultBuilder]: For program point L100(lines 100 104) no Hoare annotation was computed. [2022-07-22 17:40:31,780 INFO L895 garLoopResultBuilder]: At program point L100-2(lines 94 105) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_main_~tmp~11#1| ~systemActive~0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (<= ~waterLevel~0 2))) (or (and .cse0 (<= ~waterLevel~0 1) .cse1 .cse2 .cse3 .cse4 (<= 1 ~switchedOnBeforeTS~0)) (and .cse0 .cse1 (< 1 ~waterLevel~0) .cse2 .cse3 .cse4 .cse5) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3 .cse4 .cse5))) [2022-07-22 17:40:31,780 INFO L895 garLoopResultBuilder]: At program point L926(lines 921 929) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:40:31,780 INFO L895 garLoopResultBuilder]: At program point L918(lines 914 920) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-07-22 17:40:31,780 INFO L899 garLoopResultBuilder]: For program point L84(lines 84 90) no Hoare annotation was computed. [2022-07-22 17:40:31,780 INFO L899 garLoopResultBuilder]: For program point L84-1(lines 84 90) no Hoare annotation was computed. [2022-07-22 17:40:31,780 INFO L902 garLoopResultBuilder]: At program point L113(lines 54 117) the Hoare annotation is: true [2022-07-22 17:40:31,780 INFO L895 garLoopResultBuilder]: At program point L76(line 76) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse6 (= 2 ~waterLevel~0)) (.cse7 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= |ULTIMATE.start_main_~tmp~11#1| ~systemActive~0)) (.cse3 (= 1 ~systemActive~0)) (.cse4 (= |ULTIMATE.start_valid_product_#res#1| ~systemActive~0)) (.cse5 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 (<= 1 ~switchedOnBeforeTS~0)) (and .cse0 .cse6 .cse2 .cse3 .cse4 .cse5) (and .cse7 .cse6 .cse2 .cse3 .cse4 .cse5) (and .cse7 .cse1 .cse2 .cse3 .cse4 .cse5))) [2022-07-22 17:40:31,781 INFO L899 garLoopResultBuilder]: For program point L258-1(line 258) no Hoare annotation was computed. [2022-07-22 17:40:31,781 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 168 192) the Hoare annotation is: (let ((.cse1 (not (<= ~waterLevel~0 1))) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= ~pumpRunning~0 0)) (.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse2 .cse3 .cse0 .cse1) (or .cse2 .cse3 .cse0 (not (= 2 ~waterLevel~0))))) [2022-07-22 17:40:31,781 INFO L895 garLoopResultBuilder]: At program point L349(lines 334 352) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (let ((.cse1 (= ~pumpRunning~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and .cse1 (= 2 ~waterLevel~0)) (and (<= 1 |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1|) .cse1 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~1#1| 0) (<= 1 |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp~5#1|) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1| 0)) (not (<= ~waterLevel~0 2)))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-07-22 17:40:31,781 INFO L895 garLoopResultBuilder]: At program point L250(lines 245 252) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 1)))) (and (or (<= 1 ~pumpRunning~0) .cse0 .cse1 (not (= 2 ~waterLevel~0))) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse0 .cse1 .cse2))) [2022-07-22 17:40:31,781 INFO L899 garLoopResultBuilder]: For program point L343(lines 343 347) no Hoare annotation was computed. [2022-07-22 17:40:31,781 INFO L895 garLoopResultBuilder]: At program point L182(line 182) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 0))) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 (and (<= 1 |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1|) (<= 1 |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp~5#1|))) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-07-22 17:40:31,782 INFO L899 garLoopResultBuilder]: For program point L343-2(lines 343 347) no Hoare annotation was computed. [2022-07-22 17:40:31,782 INFO L899 garLoopResultBuilder]: For program point L176(lines 176 184) no Hoare annotation was computed. [2022-07-22 17:40:31,782 INFO L899 garLoopResultBuilder]: For program point L172(lines 172 189) no Hoare annotation was computed. [2022-07-22 17:40:31,782 INFO L899 garLoopResultBuilder]: For program point L457(lines 457 463) no Hoare annotation was computed. [2022-07-22 17:40:31,782 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 168 192) no Hoare annotation was computed. [2022-07-22 17:40:31,782 INFO L895 garLoopResultBuilder]: At program point L187(line 187) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (<= ~waterLevel~0 2))))) [2022-07-22 17:40:31,782 INFO L899 garLoopResultBuilder]: For program point L187-1(lines 168 192) no Hoare annotation was computed. [2022-07-22 17:40:31,783 INFO L895 garLoopResultBuilder]: At program point L462(lines 453 466) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse2 (<= ~waterLevel~0 1))) (and (let ((.cse1 (= ~pumpRunning~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (<= ~waterLevel~0 2)) (and .cse1 (= 2 ~waterLevel~0) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| 0)) (and (<= 1 |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1|) .cse1 .cse2))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not .cse2) (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-07-22 17:40:31,783 INFO L899 garLoopResultBuilder]: For program point L260(lines 260 266) no Hoare annotation was computed. [2022-07-22 17:40:31,783 INFO L895 garLoopResultBuilder]: At program point L258(line 258) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 1)))) (and (or .cse0 (= ~pumpRunning~0 0) .cse1 (not (= 2 ~waterLevel~0))) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse0 .cse1 .cse2))) [2022-07-22 17:40:31,783 INFO L895 garLoopResultBuilder]: At program point L260-2(lines 253 269) the Hoare annotation is: (let ((.cse1 (not (<= ~waterLevel~0 1))) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse2 .cse0 .cse1) (or (<= 1 ~pumpRunning~0) .cse2 (= ~pumpRunning~0 0) .cse0 (not (= 2 ~waterLevel~0))))) [2022-07-22 17:40:31,783 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 388 399) no Hoare annotation was computed. [2022-07-22 17:40:31,783 INFO L899 garLoopResultBuilder]: For program point L392-1(lines 388 399) no Hoare annotation was computed. [2022-07-22 17:40:31,783 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 388 399) the Hoare annotation is: (let ((.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse4 (not (= ~pumpRunning~0 0))) (.cse5 (not (<= |old(~waterLevel~0)| 1))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 ~pumpRunning~0))) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse0 .cse2 .cse3) (or .cse5 .cse4 .cse0 .cse3) (or .cse5 .cse0 .cse1 .cse3 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-07-22 17:40:31,784 INFO L902 garLoopResultBuilder]: At program point L417(lines 412 420) the Hoare annotation is: true [2022-07-22 17:40:31,784 INFO L902 garLoopResultBuilder]: At program point isMethaneAlarmENTRY(lines 278 288) the Hoare annotation is: true [2022-07-22 17:40:31,784 INFO L899 garLoopResultBuilder]: For program point isMethaneAlarmEXIT(lines 278 288) no Hoare annotation was computed. [2022-07-22 17:40:31,784 INFO L899 garLoopResultBuilder]: For program point isMethaneAlarmFINAL(lines 278 288) no Hoare annotation was computed. [2022-07-22 17:40:31,787 INFO L356 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-07-22 17:40:31,789 INFO L176 ceAbstractionStarter]: Computing trace abstraction results [2022-07-22 17:40:31,822 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 22.07 05:40:31 BoogieIcfgContainer [2022-07-22 17:40:31,822 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-07-22 17:40:31,823 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-07-22 17:40:31,823 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-07-22 17:40:31,823 INFO L275 PluginConnector]: Witness Printer initialized [2022-07-22 17:40:31,824 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 22.07 05:40:18" (3/4) ... [2022-07-22 17:40:31,826 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-07-22 17:40:31,832 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-07-22 17:40:31,832 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-07-22 17:40:31,832 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-07-22 17:40:31,832 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-07-22 17:40:31,832 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-07-22 17:40:31,833 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-07-22 17:40:31,833 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-07-22 17:40:31,833 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2022-07-22 17:40:31,833 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-07-22 17:40:31,833 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2022-07-22 17:40:31,839 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 53 nodes and edges [2022-07-22 17:40:31,840 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 22 nodes and edges [2022-07-22 17:40:31,841 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-07-22 17:40:31,841 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-07-22 17:40:31,841 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-07-22 17:40:31,842 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-22 17:40:31,842 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-07-22 17:40:31,867 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((pumpRunning == 0 && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-07-22 17:40:31,867 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && tmp == systemActive) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-07-22 17:40:31,867 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && tmp == systemActive) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 [2022-07-22 17:40:31,867 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((1 <= pumpRunning && waterLevel <= 1) && tmp == systemActive) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && 1 <= switchedOnBeforeTS) || (((((1 <= pumpRunning && 2 == waterLevel) && tmp == systemActive) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0)) || (((((pumpRunning == 0 && 2 == waterLevel) && tmp == systemActive) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0)) || (((((pumpRunning == 0 && waterLevel <= 1) && tmp == systemActive) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) [2022-07-22 17:40:31,868 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && (((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) [2022-07-22 17:40:31,869 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-07-22 17:40:31,869 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && tmp <= waterLevel) && \result <= waterLevel) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) || ((((((tmp <= waterLevel && \result <= waterLevel) && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((pumpRunning == 0 && \result < 2) && !(2 <= tmp)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((((pumpRunning == \old(pumpRunning) && \result < 2) && !(2 <= tmp)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((((((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && tmp <= waterLevel) && \result <= waterLevel) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) || ((((((tmp <= waterLevel && \result <= waterLevel) && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((((((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && tmp == 2) && 2 == \result) && 1 == systemActive) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && tmp == 2) && 2 == \result) && \old(waterLevel) == waterLevel))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && \result < 2) && !(2 <= tmp)) && 1 == systemActive) && \old(waterLevel) == waterLevel))) && (((((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && tmp <= waterLevel) && \result <= waterLevel) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) || ((((((tmp <= waterLevel && \result <= waterLevel) && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) [2022-07-22 17:40:31,869 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && 2 == waterLevel) && \old(waterLevel) == waterLevel)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2)) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) [2022-07-22 17:40:31,869 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-07-22 17:40:31,870 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((pumpRunning == 0 && \result < 2) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || (((((\result <= waterLevel && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && \result <= waterLevel) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || (((pumpRunning == \old(pumpRunning) && \result < 2) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || (((((\result <= waterLevel && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && \result <= waterLevel) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning) && \result <= waterLevel) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || (((\result <= waterLevel && pumpRunning == 0) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((pumpRunning == 0 && \result < 2) && waterLevel <= 1) && \old(waterLevel) == waterLevel)) || (((pumpRunning == 0 && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel)) [2022-07-22 17:40:31,870 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == \old(pumpRunning) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) [2022-07-22 17:40:31,871 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 1))) && ((((1 <= pumpRunning || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) || !(2 == waterLevel)) [2022-07-22 17:40:31,871 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || ((pumpRunning == 0 && 2 == waterLevel) && \result == 0)) || ((1 <= \result && pumpRunning == 0) && waterLevel <= 1)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) [2022-07-22 17:40:31,871 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((1 <= pumpRunning || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(2 == waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 1)) [2022-07-22 17:40:31,871 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == \old(pumpRunning) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) [2022-07-22 17:40:31,871 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && 2 == waterLevel)) || ((((1 <= \result && pumpRunning == 0) && tmp___0 == 0) && 1 <= tmp) && \result == 0)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) [2022-07-22 17:40:31,905 INFO L141 WitnessManager]: Wrote witness to /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/witness.graphml [2022-07-22 17:40:31,905 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-07-22 17:40:31,905 INFO L158 Benchmark]: Toolchain (without parser) took 14013.20ms. Allocated memory was 81.8MB in the beginning and 192.9MB in the end (delta: 111.1MB). Free memory was 44.6MB in the beginning and 102.9MB in the end (delta: -58.3MB). Peak memory consumption was 53.0MB. Max. memory is 16.1GB. [2022-07-22 17:40:31,906 INFO L158 Benchmark]: CDTParser took 0.23ms. Allocated memory is still 81.8MB. Free memory was 45.7MB in the beginning and 45.7MB in the end (delta: 76.9kB). There was no memory consumed. Max. memory is 16.1GB. [2022-07-22 17:40:31,906 INFO L158 Benchmark]: CACSL2BoogieTranslator took 438.01ms. Allocated memory was 81.8MB in the beginning and 109.1MB in the end (delta: 27.3MB). Free memory was 44.4MB in the beginning and 78.9MB in the end (delta: -34.6MB). Peak memory consumption was 12.8MB. Max. memory is 16.1GB. [2022-07-22 17:40:31,906 INFO L158 Benchmark]: Boogie Procedure Inliner took 56.55ms. Allocated memory is still 109.1MB. Free memory was 78.9MB in the beginning and 76.2MB in the end (delta: 2.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-22 17:40:31,907 INFO L158 Benchmark]: Boogie Preprocessor took 24.99ms. Allocated memory is still 109.1MB. Free memory was 76.2MB in the beginning and 74.7MB in the end (delta: 1.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-07-22 17:40:31,907 INFO L158 Benchmark]: RCFGBuilder took 466.02ms. Allocated memory is still 109.1MB. Free memory was 74.7MB in the beginning and 56.5MB in the end (delta: 18.3MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-07-22 17:40:31,907 INFO L158 Benchmark]: TraceAbstraction took 12934.06ms. Allocated memory was 109.1MB in the beginning and 192.9MB in the end (delta: 83.9MB). Free memory was 55.9MB in the beginning and 110.3MB in the end (delta: -54.4MB). Peak memory consumption was 88.9MB. Max. memory is 16.1GB. [2022-07-22 17:40:31,908 INFO L158 Benchmark]: Witness Printer took 82.30ms. Allocated memory is still 192.9MB. Free memory was 110.3MB in the beginning and 102.9MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-07-22 17:40:31,909 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.23ms. Allocated memory is still 81.8MB. Free memory was 45.7MB in the beginning and 45.7MB in the end (delta: 76.9kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 438.01ms. Allocated memory was 81.8MB in the beginning and 109.1MB in the end (delta: 27.3MB). Free memory was 44.4MB in the beginning and 78.9MB in the end (delta: -34.6MB). Peak memory consumption was 12.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 56.55ms. Allocated memory is still 109.1MB. Free memory was 78.9MB in the beginning and 76.2MB in the end (delta: 2.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 24.99ms. Allocated memory is still 109.1MB. Free memory was 76.2MB in the beginning and 74.7MB in the end (delta: 1.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 466.02ms. Allocated memory is still 109.1MB. Free memory was 74.7MB in the beginning and 56.5MB in the end (delta: 18.3MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 12934.06ms. Allocated memory was 109.1MB in the beginning and 192.9MB in the end (delta: 83.9MB). Free memory was 55.9MB in the beginning and 110.3MB in the end (delta: -54.4MB). Peak memory consumption was 88.9MB. Max. memory is 16.1GB. * Witness Printer took 82.30ms. Allocated memory is still 192.9MB. Free memory was 110.3MB in the beginning and 102.9MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 935]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 11 procedures, 113 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 12.8s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 4.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 4.8s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2969 SdHoareTripleChecker+Valid, 2.9s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2921 mSDsluCounter, 5829 SdHoareTripleChecker+Invalid, 2.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4311 mSDsCounter, 1076 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 4683 IncrementalHoareTripleChecker+Invalid, 5759 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1076 mSolverCounterUnsat, 1518 mSDtfsCounter, 4683 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 1008 GetRequests, 830 SyntacticMatches, 6 SemanticMatches, 172 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1240 ImplicationChecksByTransitivity, 1.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=666occurred in iteration=10, InterpolantAutomatonStates: 150, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 11 MinimizatonAttempts, 251 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 52 LocationsWithAnnotation, 1802 PreInvPairs, 2059 NumberOfFragments, 3008 HoareAnnotationTreeSize, 1802 FomulaSimplifications, 2019 FormulaSimplificationTreeSizeReduction, 0.4s HoareSimplificationTime, 52 FomulaSimplificationsInter, 18242 FormulaSimplificationTreeSizeReductionInter, 4.4s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 2.0s InterpolantComputationTime, 1128 NumberOfCodeBlocks, 1128 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1445 ConstructedInterpolants, 0 QuantifiedInterpolants, 2781 SizeOfPredicates, 6 NumberOfNonLiveVariables, 1304 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 15 InterpolantComputations, 9 PerfectInterpolantSequences, 745/825 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 63]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 376]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 931]: Loop Invariant Derived loop invariant: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 353]: Loop Invariant Derived loop invariant: ((((pumpRunning == \old(pumpRunning) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) - InvariantResult [Line: 941]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 54]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 444]: Loop Invariant Derived loop invariant: ((((((((((((pumpRunning == 0 && \result < 2) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || (((((\result <= waterLevel && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && \result <= waterLevel) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || (((pumpRunning == \old(pumpRunning) && \result < 2) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || (((((\result <= waterLevel && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && \result <= waterLevel) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning) && \result <= waterLevel) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || (((\result <= waterLevel && pumpRunning == 0) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((pumpRunning == 0 && \result < 2) && waterLevel <= 1) && \old(waterLevel) == waterLevel)) || (((pumpRunning == 0 && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel)) - InvariantResult [Line: 453]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || ((pumpRunning == 0 && 2 == waterLevel) && \result == 0)) || ((1 <= \result && pumpRunning == 0) && waterLevel <= 1)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 245]: Loop Invariant Derived loop invariant: ((((1 <= pumpRunning || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(2 == waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 1)) - InvariantResult [Line: 914]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 220]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && 2 == waterLevel) && \old(waterLevel) == waterLevel)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2)) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 995]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && tmp == systemActive) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 1002]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1013]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 845]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && tmp == systemActive) && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 907]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 467]: Loop Invariant Derived loop invariant: ((((pumpRunning == \old(pumpRunning) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) - InvariantResult [Line: 863]: Loop Invariant Derived loop invariant: ((((((((((((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && tmp <= waterLevel) && \result <= waterLevel) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) || ((((((tmp <= waterLevel && \result <= waterLevel) && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((pumpRunning == 0 && \result < 2) && !(2 <= tmp)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((((pumpRunning == \old(pumpRunning) && \result < 2) && !(2 <= tmp)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((((((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && tmp <= waterLevel) && \result <= waterLevel) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) || ((((((tmp <= waterLevel && \result <= waterLevel) && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((((((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && tmp == 2) && 2 == \result) && 1 == systemActive) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && tmp == 2) && 2 == \result) && \old(waterLevel) == waterLevel))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && \result < 2) && !(2 <= tmp)) && 1 == systemActive) && \old(waterLevel) == waterLevel))) && (((((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && tmp <= waterLevel) && \result <= waterLevel) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) || ((((((tmp <= waterLevel && \result <= waterLevel) && pumpRunning == 0) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 853]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && (((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 64]: Loop Invariant Derived loop invariant: ((((((((1 <= pumpRunning && waterLevel <= 1) && tmp == systemActive) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) && 1 <= switchedOnBeforeTS) || (((((1 <= pumpRunning && 2 == waterLevel) && tmp == systemActive) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0)) || (((((pumpRunning == 0 && 2 == waterLevel) && tmp == systemActive) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0)) || (((((pumpRunning == 0 && waterLevel <= 1) && tmp == systemActive) && 1 == systemActive) && \result == systemActive) && splverifierCounter == 0) - InvariantResult [Line: 412]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 921]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && 1 == systemActive) && \result == systemActive) && waterLevel == 1 - InvariantResult [Line: 253]: Loop Invariant Derived loop invariant: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 1))) && ((((1 <= pumpRunning || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) || !(2 == waterLevel)) - InvariantResult [Line: 951]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 334]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && 2 == waterLevel)) || ((((1 <= \result && pumpRunning == 0) && tmp___0 == 0) && 1 <= tmp) && \result == 0)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) RESULT: Ultimate proved your program to be correct! [2022-07-22 17:40:31,980 INFO L552 MonitoredProcess]: [MP /storage/repos/ultimate/releaseScripts/default/UAutomizer-linux/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE